Black Duck Valuable Features
The product enables other applications to be secure. We use it to onboard 400 to 500 applications into the DevOps platform, protect them, and have a secure environment. The tool integrates well with different technologies, application stacks, and databases. The APIs are available. We can read the blogs in the community for open-source compliance and security. The community feeds are important. Black Duck is a leader in Gartner. It is a reliable solution.
View full review »The UI is the solution's most valuable feature since it allows for easy pipeline integration.
SK
SanjeevKumar14
Project Lead at ABB Group
It is able to drill down to the source level.
View full review »Buyer's Guide
Software Composition Analysis (SCA)
March 2024
Find out what your peers are saying about Synopsys, Mend.io, Snyk and others in Software Composition Analysis (SCA). Updated: March 2024.
765,386 professionals have used our research since 2012.
I really like the fact that we can define policies at a group level. Based on the foundation we create on the baseline, we can apply specific policies for specific teams. We can apply the same policy to the entire organization and tailor the policies for different teams. Policy management is a valuable feature.
I also enjoy using the license management feature in which we can add or review the terms of the licenses. The component management feature is also good. Black Duck is quite powerful. It has been in the industry for quite a lot of time, for around 30 years.
ZR
Zhengang Ren
Senior Quality Manager at a financial services firm with 11-50 employees
The solution is very good at scanning and evaluating open source software. In the past, we had misunderstandings about the open source files in our products.
The solution checks for open source license compliance. You provide the license for a software such as MIT and the solution scans documents, tabs, and files by date.
The most valuable feature of Black Duck is the seamless integration to scan our Docker binary files, it provides us all open vulnerabilities, and it ensures a reference point from where it finds the vulnerability is up to date. For example, if there is any new vulnerability found, they are immediately available in the Black Duck. There is no delay in finding the vulnerabilities, they are called out in our code immediately.
View full review »JR
Jyotiprasad RATH
Head: Open Source Program Office at a financial services firm with 10,001+ employees
We are happy with this solution.
We have not yet explored all of the functionalities of Black Duck.
Black Duck is pretty extensive in terms of the scan reserves and the vulnerability exposures. From that perspective, I'm happy with it.
View full review »CV
reviewer1472997
CTO at a computer software company with 11-50 employees
The knowledge base and the management system are the most valuable features of Black Duck Hub. It has a very helpful management environment. They offer an editor where we can check the discovered license, which is retrieved from their knowledge base. They have a huge knowledge base build over the years. It gives you some possibilities, such as this license with possibility A could cause a vulnerability issue or a potential breach.
View full review »ZR
Zvika-Ronen
Chief Technology Officer (CTO) at FOSSAWARE
I like the fact that the product auto analyzes components. In comparison to Protecode where you're given a suggestion and you have to manually choose the correct one, Black Duck analyzes automatically. However, there is a degree of error, possibly around 5%.
VM
Vivek Mishra
Senior Technical Architect at IGT Solutions
We accidentally use third-party library APIs, which may not be secure. Our technical team may not have the end time or expertise to figure it out. Black Duck helps us with that and saves us time.
View full review »MC
reviewer1642500
Engineer at a manufacturing company with 10,001+ employees
It's a well-recognized tool in our industry. We have a lot of requests for the product from clients.
The solution is very easy to use.
The stability has been good over the years.
The installation is very easy.
View full review »SK
reviewer1421445
Former SVP at a manufacturing company with 5,001-10,000 employees
The solution has some pretty good features on offer.
It helps protect our information. It has good security.
The solution works well on Mac products.
View full review »RS
RaviShankar
Lead Product Enginner at Harman International Industries, Incorporated
The most valuable feature is the vulnerability scanning, and that it's easy to use.
View full review »Buyer's Guide
Software Composition Analysis (SCA)
March 2024
Find out what your peers are saying about Synopsys, Mend.io, Snyk and others in Software Composition Analysis (SCA). Updated: March 2024.
765,386 professionals have used our research since 2012.